Re: setuid/setgid binaries contained in the Debian repository.
On Fri, 1 Aug 2003, [iso-8859-2] Micha³Politowski wrote:
> On Fri, 1 Aug 2003 19:19:10 +1000, Matthew Palmer wrote:
> [...]
> > From my investigations, I thought that the intended use of dpkg-statoverride
> > was by the local administrator, modifying the default suid/sgid and
> > ownership of the file as set in the package tarball.
>
> This is also my understanding. Still, some packages do use it for better or
> worse reasons.
> One example I've just found in uml-utilities.postinst:
>
> if ! getent group uml-net >/dev/null; then
> addgroup --quiet --system uml-net
> fi
>
> if ! dpkg-statoverride --list /usr/lib/uml/uml_net >/dev/null; then
> dpkg-statoverride --update --add root uml-net 04750 \
> /usr/lib/uml/uml_net
> fi
There are plans to remove this nescessity, by having the preinst add the
user/group, and having the deb contain the dynamic permissions itself.
This would mean all packages that current Depend on adduser would have to
Pre-Depend on it. It also requires some changes to dpkg-deb.
Reply to: